<?php 

// Include the configuration file for error management and such.
require_once ('./includes/config.inc.php'); 

// Set the page title and include the HTML header.
$page_title = 'Newnham College Associates: edit details';
$site_section = 'Edit';
include ('./includes/header.html');
include ('./includes/find.inc.php');
include ('./includes/fetch-user.inc.php');
include ('./includes/edit.inc.php');
include ('./includes/password.inc.php');

// Gate the page on a logged-in session: when the session carries no
// user_level the visitor is sent to the login page and the script stops.
// NOTE(review): where the session is started and where user_level is set is
// not visible in this file - presumably one of the includes above; confirm.
if (isset($_SESSION['user_level']) === FALSE) {
    user_redirect('/login.php');
    exit;
}

// Logged in from here on. Start with "nothing submitted yet" form state
// and open the database connection.
$form_ok = FALSE;
$submitted = FALSE;
require_once ('./mysql_connect.php');

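// Work out whose details are shown and in which mode.
//
// People may edit their own details; administrators (user_level >= 10) may
// also edit or add other associates. Both the associate id and the mode
// come from the query string, so neither is trusted:
//   - the id is accepted only if it is a plain run of digits, otherwise 0;
//   - the admin modes ('admin', 'new', 'added') are honoured only for an
//     administrator session. Without that check any logged-in user could
//     request do=admin for their own id and have $doing_admin set, which
//     shows the admin-only rows and is passed on to validate_details_form()
//     and update_user_details(). What those helpers do with the flag is not
//     visible in this file.
$is_admin = ($_SESSION['user_level'] >= 10);

// Requested associate id. The page's own links use numeric ids
// (assoc=0 for "new"), so anything else is treated as "no id given".
$user_id = 0;
if (isset($_GET['assoc']) && is_string($_GET['assoc']) && ctype_digit($_GET['assoc'])) {
    $user_id = (int) $_GET['assoc'];
}

// Requested mode; strict comparison against the known mode names.
$requested_mode = (isset($_GET['do']) && is_string($_GET['do'])) ? $_GET['do'] : '';

$editing_own = ($requested_mode === 'edit');
$added_new = $is_admin && ($requested_mode === 'added');
$adding_new = $is_admin && ($requested_mode === 'new');
$editing_admin = $is_admin && ($requested_mode === 'admin');
$doing_admin = $editing_admin || $adding_new || $added_new;

// Anyone who is not an administrator in an admin mode only ever sees
// and edits their own record, whatever id the URL asked for.
if ($user_id != $_SESSION['userid'] && ! $doing_admin) {
    $user_id = $_SESSION['userid'];
}

// The editable form is needed for the three editing modes; 'added' and
// "no mode" show the details read-only.
$need_form = $editing_own || $editing_admin || $adding_new;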

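// Handle the submitted form: validate, store, and either redirect (new
// associate) or fall through to show the stored details read-only.
if (isset($_POST['submitted'])) {
  $submitted = TRUE;
  $error_msgs = validate_details_form($doing_admin, $adding_new);
  // NOTE(review): success is "exactly one entry" rather than "no entries".
  // validate_details_form() is not visible here; presumably it always
  // returns one leading entry - confirm against its definition.
  $form_ok = (count($error_msgs) == 1);
  if ($form_ok) {
    $user_id = update_user_details($user_id, $doing_admin, $adding_new);
    if ($adding_new) {
        user_redirect("/assoc.php?assoc={$user_id}&do=added");
        // Stop here, as the login redirect at the top of the page does, so
        // nothing further is queried or rendered for a request that has
        // already been redirected.
        exit();
    }
    // if it was OK, we have added already...
    $editing = FALSE;
    $need_form = FALSE;
    // The original author was unsure why this is set ("why??"). In this file
    // $_GET['do'] is only read again when $need_form is TRUE, which it no
    // longer is at this point.
    $_GET['do'] = 'admin';
  }
}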


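// Load the lookup lists offered in the multi-selects further down the page.
// Each list starts as an empty array so the later foreach loops always get
// an array, even when a lookup returns no rows.
$all_subjects = array();
$result = fetch_all_thing_results('subject');
while ($row = mysql_fetch_array($result)) {
    $all_subjects[] = $row;
}
mysql_free_result($result);

$all_advice = array();
$result = fetch_all_thing_results('advice');
while ($row = mysql_fetch_array($result)) {
    $all_advice[] = $row;
}
mysql_free_result($result);

$all_interests = array();
$result = fetch_all_thing_results('interest');
while ($row = mysql_fetch_array($result)) {
    $all_interests[] = $row;
}
mysql_free_result($result);

// Load the record being shown or edited.
// NOTE(review): $user_id is handed to these fetch helpers as-is. How they
// build their queries is not visible in this file - confirm they escape or
// parameterise the id.
$user_info = fetch_user_info($user_id);
$user_details = fetch_user_details($user_id);
$user_blurb = fetch_user_blurb($user_id);

// Per-user selections; the third argument is 1 for every list except the
// postgraduate subjects, which pass 2.
$user_ugrad_subject_results = fetch_user_thing_results('subject', $user_id, 1);
$user_pgrad_subject_results = fetch_user_thing_results('subject', $user_id, 2);
$user_interest_results = fetch_user_thing_results('interest', $user_id, 1 );
$user_advice_results = fetch_user_thing_results('advice', $user_id, 1);

// Close the database connection. The four per-user result sets above are
// still read further down the page after this call.
// NOTE(review): the mysql_* extension used throughout this page was removed
// in PHP 7.
mysql_close();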

// Page heading: "Show", "Add" or "Edit" depending on the mode, followed by
// " details" and, in admin modes, " ADMINISTRATION".
if (! $need_form) {
    $heading_verb = "Show";
} else {
    $heading_verb = $adding_new ? "Add" : "Edit";
}
$heading_suffix = $doing_admin ? " ADMINISTRATION" : "";
echo "<h1>\n" . $heading_verb . " details" . $heading_suffix . "</h1>\n";

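// Feedback after a submission: the validation errors, or a confirmation
// with follow-up links.

// The associate id is written into href attributes below, so it is
// URL-encoded first; a value taken from the query string must not be able
// to break out of the attribute.
$link_user_id = urlencode($user_id);

if ($submitted && ! $form_ok) {
  echo '<ul class="formErrors">';
  foreach ($error_msgs as $msg) {
    // NOTE(review): messages are printed unescaped. validate_details_form()
    // is not visible here - confirm it never copies raw user input into a
    // message.
    echo "<li> $msg </li>";
  }
  echo '</ul>';
} else if ($submitted) {
    if ($doing_admin) {
        echo "<p>The details have been updated.";
        echo "You can <a href=\"assoc.php?assoc={$link_user_id}&do=admin\">edit them again</a>,";
        echo " <a href=\"assoc.php?assoc=0&do=new\">add a new Associate</a>,";
        echo " or return to the <a href=\"admin.php\">admin page</a>.";
        echo "</p>\n";
    }
    else {
        echo '<p>Your details have been updated.</p>';
    }
} else if ($added_new) {
        // Reached via the redirect issued after a new associate was stored.
        echo "<p>The details have been added.";
        echo "You can <a href=\"assoc.php?assoc={$link_user_id}&do=admin\">edit them</a>, ";
        echo " <a href=\"assoc.php?assoc=0&do=new\">add another new Associate</a>,";
        echo " or return to the <a href=\"admin.php\">admin page</a>.";
        echo "</p>\n";

}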

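// Open the edit form (it posts back to this page with the same id and
// mode), or introduce the read-only view.
if ($need_form) {
    // Both values come from the request and are written into the action
    // attribute, so each is URL-encoded before being echoed.
    // NOTE(review): no anti-CSRF token field is written into this form
    // anywhere in this file; confirm whether the submit handlers check one.
    $action_user_id = urlencode($user_id);
    $action_mode = isset($_GET['do']) ? urlencode($_GET['do']) : '';
    echo "<form action=\"assoc.php?assoc=";
    echo $action_user_id;
    echo "&do=";
    echo $action_mode;
    echo "\" method=\"post\">";
}
else {
    if ($doing_admin) {
        echo "<p>These are the current details.</p>\n";
    }
    else {
        $edit_link_user_id = urlencode($user_id);
        echo "<p>These are your current details. \n";
        echo "You can <a href=\"assoc.php?assoc={$edit_link_user_id}&do=edit\">edit them</a>.";
        echo "</p>\n";
    }
}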
// Start the details table with the login row. Only admin modes may get an
// editable login field (when the form is shown); otherwise the login is
// always rendered read-only.
echo "<table>\n";
$login_cell_class = $doing_admin ? 'admin' : 'heading';
$login_editable = $doing_admin ? $need_form : FALSE;
echo "<tr><td class=\"" . $login_cell_class . "\" >Login:</td><td colspan=\"2\">";
echo_user_details($login_editable, 'login', '20', $user_info, 'login');
echo "</td></tr>\n";
if ($need_form):
    // New-password fields, shown only with the edit form. Leaving both empty
    // keeps the existing password (per the on-page guidance).
    // NOTE(review): the guidance describes a letters-and-digits-only, 4-20
    // character password, which is a weak policy by current standards. The
    // code that enforces and stores passwords is not in this file.
?>
<tr><td class="heading">New Password:</td>
    <td><input type="password" name="password1" size="20" maxlength="20" /></td>
    <td rowspan="2"  class="explanation">Use only letters and numbers. Must be between 4 and 20 characters long. Leave empty to keep your existing password.</td>
</tr>
<tr><td class="heading">Confirm New Password:</td>
    <td><input type="password" name="password2" size="20" maxlength="20" /></td>
</tr>
<?php
endif;
     // Rows shown only in admin modes: access level, election and
     // resignation years, current/ex status and committee membership.
     // NOTE(review): $doing_admin only decides what is displayed here.
     // Whether a posted "level" is accepted is decided by the submit
     // handlers, which are not visible in this file.
     if ($doing_admin) {
         $init_level = get_initial_value($user_info, 'level', 'level');
         // Level values paired with their display names.
         $levels[] = array(1, 'Associate');
         $levels[] = array(5, 'Brochure editor');
         $levels[] = array(10, 'Administrator');
         echo "<tr><td class=\"admin\" >Level:</td><td colspan=\"2\">";
         if (! $need_form) {
             // Read-only: print just the name of the matching level.
             foreach ($levels as $lev) {
                 if ($init_level == $lev[0]) {
                     echo "$lev[1]";
                 }
             }
         } else {
             // Editable: drop-down with the current level preselected.
             echo "<select name=\"level\" >\n";
             foreach ($levels as $lev) {
                 $selected_attr = ($init_level == $lev[0]) ? " selected=\"selected\"" : "";
                 echo "<option value=\"$lev[0]\"" . $selected_attr . ">$lev[1]</option>\n";
             }
             echo "</select>";
         }
         echo "</td></tr>\n";

         // The two year rows differ only in label and field name.
         $admin_year_rows = array(
             'Year of election:' => 'election_year',
             'Year of resignation:' => 'stop_year',
         );
         foreach ($admin_year_rows as $year_label => $year_field) {
             echo "<tr><td class=\"admin\" >" . $year_label . "</td><td colspan=\"2\">";
             echo_user_details($need_form, $year_field, '5', $user_details, $year_field);
             echo "</td></tr>\n";
         }

         // Attribute text written on whichever radio button is selected.
         $checked_attr = " checked=\"true\" ";

         echo "<tr><td class=\"admin\" >Current or ex:</td><td colspan=\"2\">";
         $isCurrent = get_initial_is($user_details, 'is_current', 'is_current');
         if ($adding_new) {
             // A new associate defaults to "current".
             $isCurrent = TRUE;
         }
         if (! $need_form) {
             echo $isCurrent ? "Current Associate" : "Ex-associate";
         } else {
             echo "<input type=\"radio\" name=\"is_current\" value=\"1\""
                 . ($isCurrent ? $checked_attr : "")
                 . " />Current&nbsp;&nbsp;&nbsp;&nbsp;\n";
             echo "<input type=\"radio\" name=\"is_current\" value=\"0\""
                 . ($isCurrent ? "" : $checked_attr)
                 . " />Ex-associate<br />\n";
         }
         echo "</td></tr>\n";

         echo "<tr><td class=\"admin\" >Committee member:</td><td colspan=\"2\">";
         $isCommittee = get_initial_is($user_details, 'is_committee', 'is_committee');
         if (! $need_form) {
             echo $isCommittee ? "Yes" : "No";
         } else {
             echo "<input type=\"radio\" name=\"is_committee\" value=\"1\""
                 . ($isCommittee ? $checked_attr : "")
                 . " />Yes&nbsp;&nbsp;&nbsp;&nbsp;\n";
             echo "<input type=\"radio\" name=\"is_committee\" value=\"0\""
                 . ($isCommittee ? "" : $checked_attr)
                 . " />No\n";
         }
         echo "</td></tr>\n";
     }
?>

<tr><td>&nbsp;</td><td>&nbsp;</td><td class="toright">
<?php /* First of the page's submit buttons; shown only with the edit form. */ if ($need_form): ?>
<input type="submit" name="submit" value="Submit changes" />
<?php endif; ?>
</td></tr>

<tr ><td class="heading">First name:</td>
     <td colspan="2">
<?php
// Personal-detail rows. Every row calls echo_user_details() with $need_form,
// a field name, a size, the $user_details record and a column name.
// NOTE(review): these are user-supplied values. Whether echo_user_details()
// HTML-escapes what it prints is not visible in this file - confirm in the
// include that defines it.
echo_user_details($need_form, 'fname', '30', $user_details, 'first_name'); ?>
</td></tr>

<tr><td class="heading">Last name:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'lname', '30', $user_details, 'last_name'); ?>
</td></tr>

<tr><td class="heading">Title:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'title', '30', $user_details, 'title'); ?>
</td></tr>

<tr><td rowspan="4" class="heading">Address:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'address1', '50', $user_details, 'address1'); ?>
</td></tr>

<tr>
    <td colspan="2">
<?php echo_user_details($need_form, 'address2', '50', $user_details, 'address2'); ?>
</td></tr>

<tr>
    <td colspan="2">
<?php echo_user_details($need_form, 'address3', '50', $user_details, 'address3'); ?>
</td></tr>

<tr>
    <td colspan="2">
<?php echo_user_details($need_form, 'address4', '50', $user_details, 'address4'); ?>
</td></tr>

<tr><td class="heading">Post code:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'postcode', '15', $user_details, 'post_code'); ?>
</td></tr>

<tr><td class="heading">Home phone:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'hphone', '15', $user_details, 'home_phone'); ?>
</td></tr>

<tr><td class="heading">Work phone:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'wphone', '15', $user_details, 'work_phone'); ?>
</td></tr>

<tr><td class="heading">Mobile phone:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'mphone', '15', $user_details, 'mobile_phone'); ?>
</td></tr>

<tr><td class="heading">Email address:</td>
    <td colspan="2">
<?php echo_user_details($need_form, 'email', '40', $user_details, 'email'); ?>
</td></tr>

<tr><td class="heading">Allow email from web site?:</td>
<td>
<?php
// "Allow email from web site" flag: taken from the stored value and forced
// on when a new associate is being added. Rendered as Yes/No radio buttons
// with the edit form, as plain text otherwise.
$emailOK = (get_initial_is($user_details, 'email_allowed', 'email_allowed') || $adding_new);
if ($need_form):
?>
<input type="radio" name="email_allowed" value="1" <?php echo $emailOK ? "checked=\"true\"" : ''; ?>  />Yes&nbsp;&nbsp;&nbsp;&nbsp;
        <input type="radio" name="email_allowed" value="0" <?php echo $emailOK ? '' : "checked=\"true\""; ?>/>No
<?php
else:
    echo $emailOK ? "Yes" : "no";
endif;
?>
    </td>
<td class="explanation">Your email address will not appear on the web site, or be disclosed to
any user of the web site.</td>
</tr>

<tr><td class="heading">Use email for Associates admin?:</td>
    <td colspan="2">
<?php
// "Use email for Associates admin" flag: taken from the stored value and
// forced on when a new associate is being added. Rendered as Yes/No radio
// buttons with the edit form, as plain text otherwise.
$emailOK = (get_initial_is($user_details, 'admin_email_ok', 'admin_email_ok') || $adding_new);
if ($need_form):
?>
<input type="radio" name="admin_email_ok" value="1" <?php echo $emailOK ? "checked=\"true\"" : ''; ?>  />Yes&nbsp;&nbsp;&nbsp;&nbsp;
        <input type="radio" name="admin_email_ok" value="0" <?php echo $emailOK ? '' : "checked=\"true\""; ?>/>No<br />
<?php
else:
    echo $emailOK ? "Yes" : "no";
endif;
?>
</td>
</tr>

<tr><td>&nbsp;</td></tr>

<tr><td class="heading">Subjects read at university:</td> 
    <td><b>Undergraduate</b><br />
<?php
// Currently selected undergraduate subjects; skipped when adding a new
// associate. The first column of each result row is printed.
// NOTE(review): $row[0] is echoed without HTML-escaping. Confirm the
// subject names can only be set by trusted staff.
if (! $adding_new) {
    if (mysql_num_rows($user_ugrad_subject_results) <= 0) {
        echo "<i>No subjects selected</i><br />";
    } else {
        echo "<i>Current&nbsp;subjects:</i><br />";
        while ($row = mysql_fetch_array($user_ugrad_subject_results)) {
            echo "&nbsp;" . $row[0] . "<br />";
        }
    }
    mysql_free_result($user_ugrad_subject_results);
}
?>
</td>
    <td><b>Postgraduate</b><br />
<?php
// Same listing for the postgraduate subjects.
if (! $adding_new) {
    if (mysql_num_rows($user_pgrad_subject_results) <= 0) {
        echo "<i>No subjects selected</i><br />";
    } else {
        echo "<i>Current&nbsp;subjects:</i><br />";
        while ($row = mysql_fetch_array($user_pgrad_subject_results)) {
            echo "&nbsp;" . $row[0] . "<br />";
        }
    }
    mysql_free_result($user_pgrad_subject_results);
}
?>
</td>
</tr> 

<?php
// Subject pickers, shown only with the edit form. Both multi-selects offer
// the full subject list ($subj[0] is the option value, $subj[1] its label)
// plus a NONE entry with value 0.
// NOTE(review): option values and labels are printed without HTML-escaping.
// Confirm the subject table can only be edited by trusted staff.
if ($need_form):
?>

<tr><td class="explanation">Select more than one subject using the control key. 
Your selections will replace your current subjects. 
Select NONE to clear all entries.</td>
    <td><select name="ugrad[]" size="15" multiple="true">
           <option value="0">NONE</option>
        <?php
        foreach ($all_subjects as $subj):
            echo "<option value=\"" . $subj[0] . "\">" . $subj[1] . "</option>";
        endforeach;
        ?>
        </select>
    </td>
    <td><select name="pgrad[]" size="15" multiple="true">
           <option value="0">NONE</option>
        <?php
        foreach ($all_subjects as $subj):
            echo "<option value=\"" . $subj[0] . "\">" . $subj[1] . "</option>";
        endforeach;
        ?>
        </select>
    </td>
</tr>

<tr><td>&nbsp;</td><td>&nbsp;</td><td class="toright"><input type="submit" name="submit" value="Submit changes" /></td></tr>
<?php
endif;   // end of need_form
?>
<tr><td>&nbsp;</td></tr>

<tr><td class="heading">Past and present occupations, areas of expertise etc.:</td>
<td rowspan="2">
        <?php
// Currently selected interest areas; skipped when adding a new associate.
// NOTE(review): $row[0] is echoed without HTML-escaping. Confirm the area
// names can only be set by trusted staff.
if (! $adding_new) {
    if (mysql_num_rows($user_interest_results) <= 0) {
        echo "<i>No areas selected</i><br />";
    } else {
        echo "<i>Current&nbsp;areas:</i><br />";
        while ($row = mysql_fetch_array($user_interest_results)) {
            echo "&nbsp;" . $row[0] . "<br />";
        }
    }

    mysql_free_result($user_interest_results);
}
        ?>
</td>
<td rowspan="2">
<?php
// Picker over the full interest list, shown only with the edit form.
if ($need_form):
?>
    <select name="interest[]" size="15" multiple="true">
           <option value="0">NONE</option>
        <?php
        foreach ($all_interests as $subj):
            echo "<option value=\"" . $subj[0] . "\">" . $subj[1] . "</option>";
        endforeach;
        ?>
        </select>
    
<?php
endif;   // end of need_form
?>
    </td>

</tr>
<tr><td class="explanation">
<?php
// Usage hint for the picker, shown only with the edit form.
if ($need_form):
    echo "Select as many areas as are applicable, using the control key to select more than one. Any changes will replace your current entries. Select NONE to clear all entries.";
endif;
?>
</td>
</tr>

<tr><td>&nbsp;</td></tr>

<tr><td class="heading">Advice available:</td>
    <td rowspan="2">
        <?php
// Currently selected advice areas; skipped when adding a new associate.
// NOTE(review): $row[0] is echoed without HTML-escaping. Confirm the area
// names can only be set by trusted staff.
if (! $adding_new) {
    if (mysql_num_rows($user_advice_results) <= 0) {
        echo "<i>No areas selected</i><br />";
    } else {
        echo "<i>Current&nbsp;areas:</i><br />";
        while ($row = mysql_fetch_array($user_advice_results)) {
            echo "&nbsp;" . $row[0] . "<br />";
        }
    }
    mysql_free_result($user_advice_results);
}
        ?>
</td>
<td rowspan="2">
<?php
// Picker over the full advice list, shown only with the edit form.
if ($need_form):
?>

<select name="advice[]" size="5" multiple="true">
           <option value="0">NONE</option>
        <?php
        foreach ($all_advice as $subj):
            echo "<option value=\"" . $subj[0] . "\">" . $subj[1] . "</option>";
        endforeach;
        ?>
        </select>
<?php
endif;   // end of need_form
?>
    </td>

</tr>
<tr><td class="explanation">
<?php
// Usage hint for the picker, shown only with the edit form.
if ($need_form):
    echo "Select as many areas as are applicable, using the control key to select more than one. Any changes will replace your current entries. Select NONE to clear all entries.";
endif;
?>
</td>
</tr>

<tr><td>&nbsp;</td></tr>

<tr>
<td class="heading">Description:</td>
<td rowspan="2" colspan="2">
<?php
// The free-text description, wrapped in a textarea with the edit form and
// printed bare in the read-only view.
// NOTE(review): the blurb is free text supplied through this form and is
// echoed here as returned by get_initial_value(). That helper is not visible
// in this file - confirm it HTML-escapes the value, since otherwise stored
// markup would be rendered to whoever views this record.
$blurb_open = $need_form ? "<textarea name=\"blurb\" cols=\"55\" rows=\"8\">" : '';
$blurb_close = $need_form ? "</textarea>" : '';
echo $blurb_open;
echo get_initial_value($user_blurb, 'blurb', 'blurb');
echo $blurb_close;
?> 
</td>
</tr>
<tr>
    <td  class="explanation">
<?php
// Writing guidance for the description, shown only with the edit form.
if ($need_form):
    echo "This should be chatty and approachable. Unlike most publicity material, 
this is not intended to emphasise your achievements or status; we don&rsquo;t want
to scare the students off! ";
endif;
?>
</td>
</tr>
 

</table>

<?php
// Close the edit form: final submit button plus the hidden "submitted"
// marker that the top of this page checks for in $_POST.
if ($need_form):
?>
<div align="center"  style="margin-top: 1em;"><input type="submit" name="submit" value="Submit changes" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</form>
<?php
endif;
?>

     
       

<?php // Include the HTML footer file.
include ('./includes/footer.html');
?>